Analysis

  • max time kernel
    141s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-09-2024 11:50

General

  • Target

    e6c2004f8b577bd10e9682271bdf19ba_JaffaCakes118.exe

  • Size

    19KB

  • MD5

    e6c2004f8b577bd10e9682271bdf19ba

  • SHA1

    bbd1eb059677543dd65b1b308163aee4a7d0a8fd

  • SHA256

    fe6466ccf7c38a4b9b9b9cc0e0f59153ed5cc421d6a1f5f94cd867e5fcc98b44

  • SHA512

    e1869884287a7efd22a0df0606bd7f497fb88fb259c4b5a7a1091e57cd77221200606d015ad13972ef68b5c9c4317ff081ba826f6cc497c049498aa66dddaaec

  • SSDEEP

    192:ntdLcj8WDkB9Cab+peklBs97THnRaT5S545myq29:7NB9C4+lTs9paY545myn

Score
10/10

Malware Config

Signatures

  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

  • ModiLoader Second Stage (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\e6c2004f8b577bd10e9682271bdf19ba_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\e6c2004f8b577bd10e9682271bdf19ba_JaffaCakes118.exe"
      PID:2888

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2888-0-0x0000000040000000-0x000000004000A000-memory.dmp

      Filesize

      40KB